Skip to content

Commit

Permalink
Fixed reCaptcha issues
Browse files Browse the repository at this point in the history
  • Loading branch information
skamphuis committed Jun 17, 2019
1 parent 25aad5b commit 9a0241f
Show file tree
Hide file tree
Showing 28 changed files with 225 additions and 860 deletions.
6 changes: 6 additions & 0 deletions App_LocalResources/ucViewOptions.ascx.resx
Original file line number Diff line number Diff line change
Expand Up @@ -1221,4 +1221,10 @@
<data name="reCaptchaSiteKey.Help" xml:space="preserve">
<value>Google reCaptcha Site Key, only needed when CaptchaType is set to reCaptcha.</value>
</data>
<data name="EnablePortalFiles.Text" xml:space="preserve">
<value>Allow Portal files?</value>
</data>
<data name="EnablePortalFilesHelp.Text" xml:space="preserve">
<value>Check to allow portal files to be associated with articles.</value>
</data>
</root>
10 changes: 10 additions & 0 deletions Components/ArticleSettings.vb
Original file line number Diff line number Diff line change
Expand Up @@ -355,6 +355,16 @@ Namespace Ventrian.NewsArticles
End If
End Get
End Property

Public ReadOnly Property EnablePortalFiles() As Boolean
Get
If (Settings.Contains(ArticleConstants.ENABLE_PORTAL_FILES_SETTING)) Then
Return Convert.ToBoolean(Settings(ArticleConstants.ENABLE_PORTAL_FILES_SETTING).ToString())
Else
Return True
End If
End Get
End Property

Public ReadOnly Property EnableActiveSocialFeed() As Boolean
Get
Expand Down
1 change: 1 addition & 0 deletions Components/Common/ArticleConstants.vb
Original file line number Diff line number Diff line change
Expand Up @@ -69,6 +69,7 @@ Namespace Ventrian.NewsArticles
Public Const ENABLE_PORTAL_IMAGES_SETTING As String = "EnableImages"
Public Const DEFAULT_IMAGES_FOLDER_SETTING As String = "DefaultImagesFolder"
Public Const DEFAULT_FILES_FOLDER_SETTING As String = "DefaultFilesFolder"
Public Const ENABLE_PORTAL_FILES_SETTING As String = "EnablePortalFiles"
Public Const IMAGE_RESIZE_SETTING As String = "ResizeImages"
Public Const IMAGE_THUMBNAIL_SETTING As String = "ImageThumbnailType"
Public Const IMAGE_MAX_WIDTH_SETTING As String = "ImageMaxWidth"
Expand Down
7 changes: 0 additions & 7 deletions Controls/Honeypot.ascx

This file was deleted.

44 changes: 0 additions & 44 deletions Controls/Honeypot.ascx.designer.vb

This file was deleted.

23 changes: 0 additions & 23 deletions Controls/Honeypot.ascx.vb

This file was deleted.

20 changes: 15 additions & 5 deletions Controls/PostComment.ascx
Original file line number Diff line number Diff line change
@@ -1,7 +1,5 @@
<%@ Control Language="vb" AutoEventWireup="false" CodeBehind="PostComment.ascx.vb" Inherits="Ventrian.NewsArticles.Controls.PostComment" %>
<%@ Control Language="vb" AutoEventWireup="false" CodeBehind="PostComment.ascx.vb" Inherits="Ventrian.NewsArticles.Controls.PostComment" ClassName="NewsArticlesPostCommentControl" %>
<%@ Register TagPrefix="dnn" Assembly="DotNetNuke" Namespace="DotNetNuke.UI.WebControls"%>
<%@ Register TagPrefix="article" TagName="ReCaptcha" Src="ReCaptcha.ascx" %>
<%@ Register TagPrefix="article" TagName="Honeypot" Src="Honeypot.ascx" %>
<asp:PlaceHolder ID="phCommentForm" runat="Server">
<p id="pName" runat="server">
<asp:textbox id="txtName" cssclass="NormalTextBox" runat="server" />
Expand All @@ -27,8 +25,20 @@
controltovalidate="txtComment" errormessage="<br>Comment Is Required" display="Dynamic" SetFocusOnError="true" ValidationGroup="PostComment" />
</p>
<dnn:captchacontrol id="ctlCaptcha" captchawidth="130" captchaheight="40" cssclass="Normal" runat="server" errorstyle-cssclass="NormalRed" />
<article:ReCaptcha runat="server" id="ctlReCaptcha" />
<article:Honeypot runat="server" id="ctlHoneypot" />
<div runat="server" id="ctlReCaptcha" >
<div style="display: none">
<asp:TextBox runat="server" ID="dummyTextBox"></asp:TextBox>
</div>
<asp:PlaceHolder runat="server" id="reCaptchaDiv"></asp:PlaceHolder>
<asp:CustomValidator runat="server" CssClass="dnnFormMessage dnnFormError" ControlToValidate="dummyTextBox" ID="RecaptchaValidator" OnServerValidate="RecaptchaValidator_OnServerValidate" />
</div>
<div runat="server" id="ctlHoneypot">
<div style="display: none">
<asp:Label ID="ConfirmEmailLabel" ControlName="txtConfirmEmail" runat="server" />
<asp:TextBox runat="server" ID="txtConfirmEmail"></asp:TextBox>
<asp:CustomValidator runat="server" CssClass="dnnFormMessage dnnFormError" ControlToValidate="txtConfirmEmail" ID="HoneypotValidator" OnServerValidate="HoneypotValidator_OnServerValidate"/>
</div>
</div>
<p>
<asp:Button ID="btnAddComment" runat="server" Text="Add Comment" ValidationGroup="PostComment" UseSubmitBehavior="False" />
</p>
Expand Down
58 changes: 56 additions & 2 deletions Controls/PostComment.ascx.designer.vb

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

80 changes: 71 additions & 9 deletions Controls/PostComment.ascx.vb
Original file line number Diff line number Diff line change
@@ -1,4 +1,7 @@
Imports DotNetNuke.Common.Utilities
Imports System.IO
Imports System.Net
Imports System.Web.Script.Serialization
Imports DotNetNuke.Common.Utilities
Imports DotNetNuke.Security
Imports DotNetNuke.Services.Localization
Imports DotNetNuke.Web.Client.ClientResourceManagement
Expand Down Expand Up @@ -177,10 +180,12 @@ Namespace Ventrian.NewsArticles.Controls
pUrl.Visible = Not Request.IsAuthenticated

ctlCaptcha.Visible = (ArticleSettings.CaptchaType = CaptchaType.DnnCore And Request.IsAuthenticated = False)
ctlReCaptcha.Visible = (ArticleSettings.CaptchaType = CaptchaType.ReCaptcha And Request.IsAuthenticated = False)
ctlHoneypot.Visible = (ArticleSettings.CaptchaType = CaptchaType.Honeypot And Request.IsAuthenticated = False)
ctlReCaptcha.Visible = (ArticleSettings.CaptchaType = CaptchaType.ReCaptcha And Request.IsAuthenticated = False)
if ctlReCaptcha.Visible Then
ClientResourceManager.RegisterScript(Page, ResolveUrl("https://www.google.com/recaptcha/api.js"))
reCaptchaDiv.Controls.Clear()
reCaptchaDiv.Controls.Add(New LiteralControl($"<div class=""g-recaptcha"" data-sitekey=""{GetSiteKey}"" style=""display: inline-block;""></div>"))
End If

If (Request.IsAuthenticated = False) Then
Expand All @@ -200,6 +205,11 @@ Namespace Ventrian.NewsArticles.Controls
Return
End If

If ArticleSettings.IsCommentsEnabled AndAlso ArticleSettings.CaptchaType = CaptchaType.ReCaptcha Then
SiteKey = ArticleSettings.ReCaptchaSiteKey
SecretKey = ArticleSettings.ReCaptchaSecretKey
End If

CheckSecurity()
AssignLocalization()
SetVisibility()
Expand All @@ -210,11 +220,6 @@ Namespace Ventrian.NewsArticles.Controls
valComment.ValidationGroup = "PostComment-" & ArticleID.ToString()
btnAddComment.ValidationGroup = "PostComment-" & ArticleID.ToString()

If ArticleSettings.IsCommentsEnabled AndAlso ArticleSettings.CaptchaType = CaptchaType.ReCaptcha Then
ctlReCaptcha.SiteKey = ArticleSettings.ReCaptchaSiteKey
ctlReCaptcha.SecretKey = ArticleSettings.ReCaptchaSecretKey
End If

If (Page.IsPostBack = False) Then
GetCookie()
End If
Expand All @@ -236,11 +241,11 @@ Namespace Ventrian.NewsArticles.Controls
txtComment.Focus()
Return
End If
If (ctlReCaptcha.Visible AndAlso ctlReCaptcha.RecaptchaIsValid() = False) Then
If (ctlReCaptcha.Visible AndAlso RecaptchaIsValid() = False) Then
txtComment.Focus()
Return
End If
If (ctlHoneypot.Visible AndAlso ctlHoneypot.IsValid() = False) Then
If (ctlHoneypot.Visible AndAlso HoneypotIsValid() = False) Then
txtComment.Focus()
Return
End If
Expand Down Expand Up @@ -530,7 +535,64 @@ Namespace Ventrian.NewsArticles.Controls
End Sub

#End Region

public property SiteKey as String = ""
public property SecretKey as String = ""

Protected Sub RecaptchaValidator_OnServerValidate(source As Object, args As ServerValidateEventArgs)
args.IsValid = RecaptchaIsValid()
End Sub

Protected Function GetSiteKey() As String
return SiteKey
End Function

Private _recaptchaisvalid As Boolean? = Nothing
Public Function RecaptchaIsValid() As Boolean
If _recaptchaisvalid.HasValue Then Return _recaptchaisvalid.Value
Dim Response As String = Request("g-recaptcha-response")
RecaptchaIsValid = False
Dim req As HttpWebRequest = CType(WebRequest.Create($"https://www.google.com/recaptcha/api/siteverify"), HttpWebRequest)

Try
Dim postData = $"secret={SecretKey}&response={Response}"
Dim postEnc = Encoding.ASCII.GetBytes(postData)
req.Method = "POST"
req.ContentType = "application/x-www-form-urlencoded"
req.ContentLength = postEnc.Length

Using stream = req.GetRequestStream()
stream.Write(postEnc, 0, postEnc.Length)
End Using

Using wResponse As WebResponse = req.GetResponse()

Using readStream As StreamReader = New StreamReader(wResponse.GetResponseStream())
Dim jsonResponse As String = readStream.ReadToEnd()
Dim js As JavaScriptSerializer = New JavaScriptSerializer()
Dim data As RecaptchaResponse = js.Deserialize(Of RecaptchaResponse)(jsonResponse)
_recaptchaisvalid = Convert.ToBoolean(data.success)
End Using
End Using

Catch ex As WebException
Throw ex
End Try

Return _recaptchaisvalid.Value
End Function

Protected Sub HoneypotValidator_OnServerValidate(source As Object, args As ServerValidateEventArgs)
args.IsValid = HoneyPotIsValid()
End Sub

Public Function HoneyPotIsValid() As Boolean
Return txtConfirmEmail.Text = ""
End Function

End Class
public class RecaptchaResponse
public Property success As String
End Class

End Namespace
9 changes: 0 additions & 9 deletions Controls/ReCaptcha.ascx

This file was deleted.

Loading

0 comments on commit 9a0241f

Please sign in to comment.